﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services;
using ClassLibrary1;
using System.Data.Sql;
using System.Data.SqlClient;
namespace WebService1
{
    /// <summary>
    /// Summary description for Service1
    /// </summary>
    [WebService(Namespace = "http://tempuri.org/")]
    [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    [System.ComponentModel.ToolboxItem(false)]
    // To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line. 
    // [System.Web.Script.Services.ScriptService]
    public class Service1 : System.Web.Services.WebService
    {
        private DBHelper dbHelper;
        public Service1() {
            dbHelper = new DBHelper(".", "CheckBank", "sa", "fat123456");
        }

        [WebMethod]
        public bool CheckAccount(string BankNumber, string PinNumber) {

            bool flag = false;
            if (!checkCharacter(BankNumber) && !checkCharacter(PinNumber))
            {
                string sql = "select * from AcountBank where numberBank='" + BankNumber + "' and pinNumber='"+PinNumber+"'";
                SqlDataReader reader = dbHelper.executeQuerySql(sql);
                if (reader.Read())
                {
                    return true;
                }
                
            }
            return flag;
        }

        private bool checkCharacter(string str) {
            if (str.Contains("'"))
                return true;
            return false;
        }

        [WebMethod]
        public AccountBank GetAccountBank(string BankNumber, string PinNumber)
        {
            AccountBank acc = null;
            if (!checkCharacter(BankNumber) && !checkCharacter(PinNumber))
            {
                string sql = "select * from AcountBank where numberBank='" + BankNumber + "' and pinNumber='" + PinNumber + "'";
                SqlDataReader reader = dbHelper.executeQuerySql(sql);
                if(reader.Read())
                {
                    acc = new AccountBank();
                    acc.UserID =Convert.ToInt32(reader["userID"].ToString());
                    acc.UserName = reader["userName"].ToString();
                    acc.NumberBank = BankNumber;
                    acc.PinNumber = PinNumber;
                }

            }
            return acc;
        }

        [WebMethod]
        public AmountAcountBank GetAmount(int userID)
        {
            AmountAcountBank amount = null;

            string sql = "select * from AmountAcountBank where UserID="+userID;
            SqlDataReader reader = dbHelper.executeQuerySql(sql);
            if(reader.Read())
            {
                amount = new AmountAcountBank();
                amount.ManagerID = Convert.ToInt32(reader["managerID"].ToString());
                amount.UserID = userID;
                amount.Amount = Convert.ToDouble(reader["amount"].ToString());
            }
            return amount;
        }

        [WebMethod]
        public bool DeductAmount(int userID,double amount)
        {
            bool flag = false;
            AmountAcountBank amountbank = GetAmount(userID);
            if (amountbank != null) {
                if (amount < amountbank.Amount) {
                    double newamount = amountbank.Amount - amount;
                    string sql = "update AmountAcountBank set amount=" + newamount + " where userid=" + userID;
                    dbHelper.executeNonQuery(sql);
                    flag = true;
                }
            }
            return flag;
        }
    }


}